For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Logo
DeveloperAcademyCommunityStatus
ReferenceGuides
ReferenceGuides
  • Agent Studio
    • Overview
    • Quickstart Guides
    • Core Concepts
    • Conversation Process
    • Actions
    • Connectors
    • System Triggers
      • Webhooks Triggers
        • Listener Configuration
        • Webhook Verification Challenge
        • Webhook Signature Verification
        • Webhook Example: Github
        • Webhook Example: Zoom
      • Scheduled Triggers
      • System Triggers Logs & Troubleshooting Guide
    • Agent Architect
    • Cookbooks
    • Development and Testing
    • AI Agent Marketplace
    • Developer Tools
  • Agentic AI
    • LLM Fundamentals
    • The Agentic Reasoning Engine
    • Memory Constructs
    • Conversational Context
    • Guardrails
    • Grounding and Hallucinations
    • Continuous Learning
    • LLMs & SLMs
    • Steerability Tools
    • Multilingual Support
  • Core Platform
    • User Identity
    • Moveworks Agent (On-Prem)
    • Approvals Engine
    • Entity Catalog
    • Moveworks Data Objects
    • Security Information and Event Management (SIEM) Logs Overview
DeveloperAcademyCommunityStatus
On this page
  • Quickstart
  • 1) Register the Webhook in GitHub
  • 2) Configure Verification in Agent Studio
  • Gotchas
  • GitHub Documentation
Agent StudioSystem TriggersWebhooks Triggers

Webhook Example: Github

||View as Markdown|
Was this page helpful?
Edit this page
Previous

Webhook Example: Zoom

Next
Built with

GitHub webhooks notify your endpoint of repository events like pushes or pull requests. They use optional signature verification for security, with no initial challenge. This pattern is common for services prioritizing payload integrity over setup ceremonies.

Quickstart

1) Register the Webhook in GitHub

Registration establishes the shared secret and URL. In GitHub:

  1. Navigate to your repository > Settings > Webhooks > Add webhook.

  2. Payload URL: Your Agent Studio listener URL (e.g., https://your-instance.moveworks.ai/webhooks/v1/listeners/your-listener/notify). This is where GitHub sends POST requests.

  3. Content type: application/json.

  4. Generate and enter a strong Secret,this becomes the key for HMAC signing, shared only between GitHub and your listener.

  5. Select individual events (e.g., Push events) to control what triggers notifications.

    EventDescriptionKey Payload Fields
    pushCode pushed to repositorycommits, repository
    pull_requestPull request actionsaction, pull_request

  6. Add webhook.

Upon saving, GitHub sends a “ping” event (identified by header x-github-event: ping). This tests connectivity but doesn’t require special handling, treat it as a valid event.

2) Configure Verification in Agent Studio

Signature verification ensures authenticity. GitHub signs the raw body with HMAC-SHA256, sending the result in a header. In Agent Studio’s Verification panel:

  1. Open the Verification panel and add a new rule.
  2. Select Validation Type: Signature Verification (HMAC).
  3. Add a Signature Verification Rule
  4. In Secret Shared by External System, paste the secret from GitHub. This is the symmetric key; mismatches cause verification failures.
  5. Set Signature Verification Hash Mode to HMAC-SHA256, matching GitHub’s algorithm
  6. For Verification Payloads, type raw_body. GitHub signs the unparsed bytes, so this preserves exact content
  7. Verification Received Signature: headers["x-hub-signature-256"]. This header includes a sha256= prefix, which Agent Studio infers and strips during comparison

These fields interconnect: The payload feeds into HMAC with the secret and mode, producing an expected signature matched against the received one

Gotchas

  • If no secret is set in GitHub, the signature header is absent; configure verification as optional if needed.

GitHub Documentation

  • Validating webhook deliveries
  • Creating webhooks